I just upgraded my nginx from 1.4.2 (/usr/local) to 1.4.7 (yum) on AWS EC2. I now have a pair of errors occuring on the client side:
GET https://subdomain.mysite.com/assets/application.css net::ERR_CONTENT_LENGTH_MISMATCH
GET https://subdomain.mysite.com/assets/application.js net::ERR_CONTENT_LENGTH_MISMATCH
I am at a loss for this and google has not been much help. Any ideas on where to start? All help appreciated. Could the switch from a manual install to a yum install be the issue?
I can confirm answer 1 addresses the underlying problem (I'm a new SE user so I can't upvote it yet). Here is more detail for search engines:
From /var/log/nginx/error.log
2014/04/30 08:07:48 [crit] 35135#0: *116437 open() "/var/lib/nginx/proxy/7/09/0000001097" failed (13: Permission denied) while reading upstream
In my case this happened because I recently changed the user under which nginx runs (the default nginx config uses www-data in /etc/nginx/nginx.conf).
My solution was to chown -R correct_user:root /var/lib/nginx/proxy. I imagine I could also have rm -rf'd the existing /var/lib/nginx/proxy subdirectories with the expectation that nginx would recreate them using the correct_user as owner.
eric-francis thanks for figuring this out! This easily saved me a day of hunting.
tail -f /usr/local/var/log/nginx/error.log
You may see something like:
"/usr/local/var/run/nginx/proxy_temp/9/04/0000000049" failed (13:
Permission denied) while reading upstream
Heres how I fixed:
sudo nginx -s stop
sudo rm -rf /usr/local/var/run/nginx/*
Ok, so this can be fixed in a couple of ways. The thing to do is check your log file.
Mine was located at /usr/share/nginx/log/error-appname.log
Tail the log and you will find that user defined in your config file (mine is at /etc/nginx/nginx.conf) most likely does not have permissions to something. I use user nobody.
For one app I had to give u+rx (nginx needs executable) to my application user's home folder all the way to my application's public assets directory.
On another server, nobody was not able to write to nginx's /var/lib/nginx/tmp/proxy folder. So I had to chown nobody /var/lib/nginx down to the /proxy folder nobody was trying to write to.
Related
I wanted to know how can I set right permission for my file /log/production.log? Everyone is saying just use chmod or chown but no one explains what I should wright after these commands. I am beginner and would appreciate if you could explain.
In my particular example I have rails app on production server where I need to set permission to production.log file in /var/www/my_app/log/ directory.
Here is what documentation is asking from me:
By default, Phusion Passenger runs Rails applications as the owner of
config.ru. So the log file can only be written to if that user has
write permission to the log file. Please chmod or chown your log file
accordingly.
Hope you can help. Thanks.
Try chmod 0660 production.log and take a look at this explanation/diagram of chmod.
chmod allows change the permissions of a file or a directory. Exists three basic permissions (read,write,execute) for three differents groups (owner,group,other).
chown allows change who is the owner of a file or a directory.
I recommend you use chmod 640. Looking the syntax of chmod here you're defining the production.log's owner (usually root) can read and write this file. If you want, you can give read-access for all users of the same group of the owner. But you shouldn't offer permissions for other people, even less in a production environment.
I would create a deploy user for your application, say myapp (doesn't particularly matter what the name is). The use this user to deploy/manage your application. Assuming username myapp
chown -R myapp:myapp /var/www/my_app
and then restart nginx/passenger. This will cause passenger to run as the myapp user, and allow it to write logs under the logs directory. (Also make sure that you don't have /var/www as the docroot, accessible outside of passenger as it can cause information leakage)
another option, if the server isn't shared, is that you can run as the www user. so
chown -R www:www /var/www/my_app
which should allow the process to write to your logs.
So I am trying to follow the tutorial here: https://gorails.com/deploy/ubuntu/14.04 to deploy a Rails app. When I tried to edit the nginx.conf at (/etc/nginx/nginx.conf) file, it tells me I have read only permission, even though I followed the steps(with setting the permissions) previously. How do I fix this?
you need sudo to edit that file, because it's owned by root user,
use sudo nano /etc/nginx/nginx.conf or sudo vim /etc/nginx/nginx.conf which ever editor you prefer.
I'm deploy my app with capistrano on centos (apache + passenger), when access my web I got `HTTP 500 (Internal Server Error)' and check error_log file , here's error look likes :
DAV/2 Phusion_Passenger/3.0.19 mod_ssl/2.2.24 OpenSSL/1.0.0-fips configured -- resuming normal operations
Rails Error: Unable to access log file. Please ensure that /home/admin/myaap/releases/20130506191509/log/production.log exists and is chmod 0666. The log level has been raised to WARN and the output directed to STDERR until the problem is fixed..
production.log permission
-rwxrwxr-x 1 root root 46211 May 6 20:49 production.log
and
ActionView::Template::Error (Permission denied - /home/admin/myaap/releases/20130506191509/tmp/cache/assets/D3B
directory D3B not found.
I am looking for a solution via google, one of which is sudo chown -R root:root /home/admin/myapp/ but not working for me, Is there any other way to fix it?
Note :
I'm using user root for deploy and installing rvm, and directory root location on user 'admin' (kloxo control panel)
UPDATE
On error_log file not found error about permission and unable to access, I'm using chmod go-w /home/admin/myapp and chmod 0666 production.log , but my web still 500 server error, How do I check error?
As Rails is suggesting in the error log, you should change permissions for the log file to 066:
chmod 0666 production.log
You are using root to deploy, but the web server is using another user name.
You need to make your apache user the owner of your app like:
sudo chown -R apacheuser:apacheuser /home/admin/myapp/
I've always had success with the the log file permissions as 644. When this has happened to me, more than once I might add, it has always been answered by the question linked below. Since this is the first answer in Google for the query I use, I'm linking to the answer that I really want.
Rails: Unable to access log file
I have a multi-app system running on a centOS box, that consists of our main app and a deployer app. when a client wants a new instance of our app, they use our deployer, fill in some info and the new install is created on our server. the issue i am having is that i can't get nginx to reload it's config file automatically. so after the deploy when visiting the new app we receive a 404 until i reload manually.
I've tried a few different ways including chmod /opt/nginx/sbin/nginx to 777, chmod the install script and deployer app to 777,
the script goes like this:
#create install directory -- works correctly
#copy files over -- works correctly
#run install script
##-- and then at this point i've tried multiple lines, including:
system("nginx -s reload") ## this works manually
system("/etc/init.d/nginx reload") ## this works manually
i've followed directions here: Restart nginx without sudo? to create a script to run without a sudo password and then tried this:
system("sudo /var/www/vhosts/deployer/lib/nginx_reload")
nothing seems to work, i'm assuming this is a permissions error, but maybe i'm wrong, if anyone could point me in any direction, that would be very helpful since i've been trying to figure this out for a few days too long and i'm fresh out of new ideas
sudo /etc/init.d/nginx reload
I'm trying to install Yaws on my Ubuntu 11.01 system via apt-get install yaws. But when I call the shell script yaws from the command line I get the following error: Yaws: Bad conf: "Can't find config file "
Unless my aging eyes are missing something, I can't find enlightenment in either the Yaws website or Zachery Kessin's book.
I can find configuration files in /etc/yaws. But is there something else I need to know/do?
Thanks,
LRP
If you installed yaws with the package manager then it's controlled by an init script (and you should work with that instead of running yaws manually, I'll add).
You're most likely running yaws as a non-privileged user, and if you look closely, the directory /etc/yaws is:
drwxr-x--- 4 root yaws 4096 Aug 7 10:36 yaws
You're probably trying to run yaws under a user other than root, and without membership in the yaws group.
I would venture a guess that this is a bug in the distro's packaging rather than in yaws since the man page clearly states that running it as a non-privileged user it falls back to reading /etc/yaws/yaws.conf, except that under Debian/Ubuntu (I'm on Debian 6) the permissions on /etc/yaws/ do not live up to the claim in the map page.
But, if you work through the distro's init script and daemon management facilities your problem goes away magically. That I think is preferable to tapping the Debian packager on the shoulder and having a long conversation about config directory permissions. :)
Try doing the following.
$ touch yaws.conf
$ yaws
Hit the enter key to bring up the prompt. Works on Debian 7 (wheezy).
You may also want to do the following to place your username in the yaws group.
$ adduser USERNAME yaws
To one of the maintainers of this package found in the readme file, I have pointed them to here.
$ dpkg -L yaws | grep -i readme
My system is Debian 7 or often called wheezy distro. It's actually kali-linux but that's just fyi stuff. I browsed to /etc/yaws as root with nautilus otherwise it's locked.
~$ sudo su
[sudo] password for username:
# nautilus
Initializing nautilus-gdu extension
Now you may look in the /etc/yaws directory.
The yaws.conf should be in there. Josef would be correct as this is what yaws will try to use if the user has access to this file. But not being root you don't.
My solution is to just get ideas out of that file and the others within the same directory. Take this next answer from Van and make your home/user have a yaws.conf and play around with different configurations from what you found in the etc one. Not that hard to copy and paste if you just have access to the files. Enjoy! :-D